Project

Profile

Help

Story #6847

closed

Story #6331: [Epic] Add SSL support

As an installer user, I can configure Pulp to run with TLS enabled using self-signed certificates

Added by bmbouter about 4 years ago. Updated over 3 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Assignee:
-
Category:
Installer - Moved to GitHub issues
Sprint/Milestone:
Start date:
Due date:
% Done:

100%

Estimated time:
Platform Release:
Groomed:
Yes
Sprint Candidate:
No
Tags:
Sprint:
Sprint 78
Quarter:

Description

Background

In some cases users of Pulp users want TLS and would like to have self-signed certificates. The motivation is for installations where the user doesn't have existing certs and letsencrypt certs are not an option because the the pulp host is not internet accessible.

Solution

Add options to the installer for the user to express their intent to have Pulp create and use self-signed TLS certificates. If provided, the installer should create self-signed certificates for the hostname of the host. The certificates should be used to configure either the Apache or Nginx configuration Pulp to run on port 443 with TLS enabled.

This option would not be enabled by default.

Actions #1

Updated by bmbouter about 4 years ago

  • Parent issue set to #6331
Actions #2

Updated by bmbouter about 4 years ago

  • Tracker changed from Issue to Story
  • % Done set to 0
Actions #3

Updated by pulpbot about 4 years ago

  • Status changed from NEW to POST
Actions #4

Updated by dkliban@redhat.com about 4 years ago

  • Groomed changed from No to Yes
  • Sprint set to Sprint 74
Actions #5

Updated by rchan about 4 years ago

  • Sprint changed from Sprint 74 to Sprint 75
Actions #6

Updated by rchan almost 4 years ago

  • Sprint changed from Sprint 75 to Sprint 76
Actions #8

Updated by rchan almost 4 years ago

  • Sprint changed from Sprint 76 to Sprint 77

Added by spredzy almost 4 years ago

Revision 83e9b685 | View on GitHub

pulp_webserver: Add support for TLS configuration

Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.

Support has been added for both nginx and apache.

fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847

Co-Authored-By: Matthias Dellweg

Added by spredzy almost 4 years ago

Revision 83e9b685 | View on GitHub

pulp_webserver: Add support for TLS configuration

Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.

Support has been added for both nginx and apache.

fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847

Co-Authored-By: Matthias Dellweg

Actions #9

Updated by rchan almost 4 years ago

  • Sprint changed from Sprint 77 to Sprint 78
Actions #10

Updated by spredzy almost 4 years ago

  • Status changed from POST to MODIFIED
  • % Done changed from 0 to 100
Actions #11

Updated by ttereshc over 3 years ago

  • Sprint/Milestone set to 3.8.0
Actions #12

Updated by ttereshc over 3 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Also available in: Atom PDF